File: Changes

package info (click to toggle)
libdata-validate-ip-perl 0.31-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, forky, sid, trixie
  • size: 352 kB
  • sloc: perl: 1,069; sh: 23; makefile: 2
file content (237 lines) | stat: -rw-r--r-- 7,028 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
 
0.31  2022-11-28

- Fixed handling of the ::0/128 subnet. This is a special subnet(/address)
  that is called the "unspecified address". It is not public or
  routable. Reported by Dan Sherry. GH #13.


0.30  2021-03-29

- Added some more details to the security docs to include mentions of the
  is_*_ip() functions too. See https://nvd.nist.gov/vuln/detail/CVE-2021-29662
  for details on the potential security issues with these functions.


0.29  2021-03-29

- Fixed a typo in the POD.


0.28  2021-03-29

- Added docs about the security implications of using functions like
  is_private_ip4() without _also_ calling is_ipv4() first. This was inspired
  by a recent issue with the Node netmask package. See
  https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918/
  for a write up.


0.27  2016-11-17

- If your version of Socket.pm provides a sane inet_pton, most of the is_*_ip
  subroutines will use a much faster implementation. is_private_ipv4 and
  is_private_ipv4 are approximately 16x faster. is_private_ipv6 and
  is_public_ipv6 are about 3-4x faster.  Implemented by Greg Oschwald. GitHub
  PR #8.


0.26  2016-05-31

- Fixed issue where invalid IPv6 strings such as ::0000000 would be marked as
  valid by is_ipv6() when using the faster inet_pton() code path (GitHub
  #6). Fixed by Greg Oschwald. GitHub PR #7.


0.25  2016-02-01

- Added is_ip(), is_public_ip(), is_private_ip(), is_linklocal_ip(),
  is_loopback_ip(), and is_multicast_ip(). These are similar to the existing
  subroutines but are IP address family agnostic. Implemented by Greg
  Oschwald. GitHub PR #5.

- The subroutines included in this module now always return a scalar when
  called in list context. Previously they would generally return an empty list
  when validation failed. Implemented by Greg Oschwald. GitHub PR #5.


0.24     2014-08-28

- A string with a null byte (\0) would be considered valid if the internal
  implementation used inet_pton() to validate IP addresses. Fixed by Greg
  Oschwald. GitHub PR #4.


0.23     2014-03-09

- Fixed is_ipv6 to correctly fail for a string like ":abcd" on platforms where
  inet_pton() isn't usable. Reported by Brian Bickerton. RT #93622.

- As a side effect of the above, the code to check IPv6 addresses when
  inet_pton() isn't usable is about 7-8x times faster now.


0.22     2013-12-05

- Fixed some small doc typo/formatting issues.


0.21     2013-12-05

- The 198.51.100.0/24 and 203.0.113.0/24 networks were mistakenly put in the
  unroutable list, rather than the testnet list. This has been fixed. Note
  that if you've just been using is_public_ipv4 in your code, there are no
  changes in the results.

- Added the 6to4 anycast network - 192.88.99.0/24. Addresses in this network
  are not considered public and there is now a new is_anycast_ipv4()
  subroutine exported.

- Added a number of missing reserved IPv6 networks. These are the IPv4-mapped
  block (::ffff:0:0/96), the discard prefix (100::/64), TEREDO (2001::/32),
  ORCHID (2001:10::/28), and documentation (2001:db8::/32) IPv6
  networks. There are now is_ipv4_mapped_ipv6(), is_discard_ipv6(),
  is_teredo_ipv6(), is_orchid_ipv6(), and is_documentation_ipv6() subs. Note
  that the TEREDO and ORCHID networks are both subnets of the larger special
  network, and as such were already excluded by is_public_ipv6(), though
  arguably the TEREDO addresses _should_ be considered public.

- Rewrote most of the docs to greatly reduce the amount of text and to improve
  the ToC on MetaCPAN and search.cpan.org.


0.20     2013-07-13

- Add docs for the is_public_ipv6() sub that was added in 0.15. Reported by
  Greg Oschwald.


0.19     2013-03-13

- Fix a deprecation warning that showed up with Perl 5.10.1, but not with
  newer Perls. Reported by Iosif Fettich.


0.18     2013-02-19

- Versions 0.15 - 0.17 still had $VERSION set to 0.14. Reported by Greg
  Oschwald.


0.17     2013-02-19

- Previous releases broke is_innet_ipv4 for many network formats. This support
  has been restored, but only the "a.b.c.d/nn" CIDR form will be documented
  going forward. All other forms are deprecated, and support for them will be
  removed in a future release.


0.16     2013-02-06

- Made the check for Socket.pm stricter. On some platforms it exports an
  inet_pton() that just dies when called. On other platforms it accepts
  invalid input like '016.17.184.1' or '2067::1:'.


0.15     2013-02-04

- If your installed version of Socket.pm provides an inet_pton subroutine we
  use that to do validation. This is about 5x faster for IPv4 addresses and 20
  times faster for IPv6.

- Various unroutable networks are now recognized as non-public
  addresses. Based on a patch by Greg Oschwald. (Bug#83081).

- Added is_unroutable_ipv4 exported sub.

- Added is_public_ipv6, is_private_ipv6, is_loopback_ipv6, is_multicast_ipv6,
  and is_special_ipv6 subroutines.

- Fixed the is_linklocal_ipv6 method. It didn't recognize the full link-local
  range properly.

- Fixed bug where '::' was not recognized as a valid IPv6 address. (Bug#81700)

- Fixed bug where ipv6 related subroutines were not untainting their return
  value.


0.14     2011-01-06

- Cleaned up test suite (no code changes)


0.13     2011-01-06

- Fixed unshorted ipv6 check when ipv4 address is trailing. (Bug#64532) Thanks
  to Milan Matlak <milan.matlak@sde.cz> for patch


0.12     2010-12-29

- Fixed parsing of trailing :: (such as 2001::), as that is valid This address
  bug#58991 - Thanks to Alan.Chester@tekelec.com for identifying the problem.

- Also fixed incorrectly treating 2001::1: as a valid IPv6 address when it
  isn't


0.11     2010-03-01

- Added support for is_innet_ipv4 - simple check to see if IP is in network.
  Thanks to "Bartłomiej Syryjczyk" <bartlomiej@syryjczyk.name> for suggesting
  the function


0.10     2009-06-04

- Added initial support for is_ipv6.  ipv6 is new territory for me, so please
  send in your bug reports to me so that I can make sure I get it done
  correctly.


0.09     2009-01-30

- Removed AUTOLOAD


0.08     2007-12-06

- Fixed is_ipv4 to treat leading 0's in an ip as invalid, i.e.: 017.1.1.1 is
  invalid.  Thanks to Joshua D. Abraham <jabra@spl0it.org> for submitting the
  patch


0.07     2007-05-17

- Added POD testing, and minor cleanup related to that


0.06     2007-05-16

- Updated contact information to be neil@neely.cx, this is a purely cosmetic change


0.05     2007-03-06

- Added is_multicast_ipv4 and is_linklocal_ipv4.  Thanks to Matt Dainty
  <matt@bodgit-n-scarper.com> for doing all the work


0.04     2005-04-28

- Removed perl version dependency in Makefile.PL


0.03     2005-03-04

- Minor fix to pod markup


0.02     2005-03-04

- Added is_private_ipv4 is_loopback_ipv4 is_testnet_ipv4 is_public_ipv4


0.01     2005-03-03

- Original version; created by h2xs 1.23 with options -AXn Data::Validate::IP